Re: [squid-users] Reverse Proxy, OWA RPCoHTTPS and NTLM authentication passthrough

[Abdessamad BARAKAT]

Hi people,
Nobody for give me a feedback about this feature ( ntlm auth pass  
through) ?

Thanks


Le 14 juil. 08 à 12:39, Abdessamad BARAKAT a écrit :

Hi,

I need to reverse proxied a OWA 2007 service and I have some  
problems with NTLM authentication and the RPC connection.  Squid  
offers a SSL service and connect himself to the OWA with a SSL  
connection

The NTLM authentication was made bu the OWA so I need squid to pass  
the credentials without modified them.

Actually I get  only 401 error code but when I switch the  
authentication to "Basic authentication" on the Outlook anywhere's  
settings, It's working. I want really to have the NTLM  
authentication working for don't ask all users to change their  
settings.

The squid is chrooted.

I have tried the following versions:

- 3.0 STABLE7

- 2.7STABLE3

- 2.6STABLE21

- 2.6STABLE3

My setup (sometime I need to add acl all or logfile_daemon beetween  
versions, that's all) :

#### CHROOT
chroot /usr/local/squid
mime_table /etc/mime.conf
icon_directory /share/icons
error_directory /share/errors/English
unlinkd_program /libexec/unlinkd
cache_dir ufs /var/cache 100 16 256
cache_store_log /var/logs/store.log
access_log /var/logs/access.log squid
pid_filename /var/logs/squid.pid
logfile_daemon /libexec/logfile-daemon
####

# Define the required extension methods
extension_methods RPC_IN_DATA RPC_OUT_DATA

# Publish the RPCoHTTP service via SSL
https_port 192.168.1.122:8443 cert=/etc/apache2/ssl/ 
webmail.corporate.com.p
em defaultsite=webmail.corporate.com
cache_peer 172.16.18.13 parent 443 0 no-query originserver  
login=PASS ssl sslfl
ags=DONT_VERIFY_PEER name=exchangeServer

acl all src 0.0.0.0/0.0.0.0
acl EXCH dstdomain .corporate.com
cache_peer_access exchangeServer allow EXCH
cache_peer_access exchangeServer deny all
never_direct allow EXCH
# Lock down access to just the Exchange Server!
http_access allow EXCH
http_access deny all
miss_access allow EXCH
miss_access deny all

#no local caching
#maximum_object_size 0 KB
#minimum_object_size 0 KB
#no_cache deny all

#access_log /usr/local/squid/var/logs/access.log squid


Thanks a lot for any tips or informations .


!DSPAM:487b2e138671238159409!